Stored Cross-Site Scripting Vulnerability in Pixelimity by Pixelimity
CVE-2022-28589
4.8MEDIUM
What is CVE-2022-28589?
A stored cross-site scripting (XSS) vulnerability exists in Pixelimity version 1.0, which can be exploited by attackers to inject and execute arbitrary web scripts or HTML code. This can occur via the Title field in the admin interface, particularly when adding new pages. Successful exploitation allows unauthorized control over web pages, posing a significant security risk to affected users.